Oracle Linux 7 ELSA-2023-13019: Critical Kernel Security Threat Update
oracle
December 7, 2023
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
Summary
[4.1.12-124.81.2.el7uek] - rebuild bumping release [4.1.12-124.81.1.el7uek] - netfilter: xt_sctp: validate the flag_info count (Wander Lairson Costa) [Orabug: 35923500] {CVE-2023-39193} - USB: ene_usb6250: Allocate enough memory for full object (Kees Cook) [Orabug: 35924058] {CVE-2023-45862} - netfilter: xt_u32: validate user space input (Wander Lairson Costa) [Orabug: 35923470] {CVE-2023-39192} - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free (valis) [Orabug: 35707466] {CVE-2023-4207}
Topics Covered
SRPMs
https://oss.oracle.com:443/ol7/SRPMS-updates//kernel-uek-4.1.12-124.81.2.el7uek.src.rpm
x86_64
kernel-uek-doc-4.1.12-124.81.2.el7uek.noarch.rpm kernel-uek-firmware-4.1.12-124.81.2.el7uek.noarch.rpm kernel-uek-4.1.12-124.81.2.el7uek.x86_64.rpm kernel-uek-devel-4.1.12-124.81.2.el7uek.x86_64.rpm kernel-uek-debug-4.1.12-124.81.2.el7uek.x86_64.rpm kernel-uek-debug-devel-4.1.12-124.81.2.el7uek.x86_64.rpm
aarch64
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Related CVEs:
CVE-2023-39192
CVE-2023-39193
CVE-2023-4207
CVE-2023-45862
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!